Update Set Scan Best Practises

akbalFTV
Tera Contributor

‎03-04-2024 03:41 AM

I am trying to implement the Update Set Scan as a pre-requisite for release process before moving an update set across instances. I have a couple of questions around that.

 

  1. The Scan runs fine and gives findings as expected. But I’m struggling to understand how to use these effectively. In the below example, it has 2 findings and if I go to the Results Dashboard in the Related Links, it shows the latest scan findings but only d where we can see all the scan findings and their nature. The OOB dashboard ‘Instance Scan Results’ does not have any data.

    akbalFTV_0-1709552250197.png
    akbalFTV_1-1709552344764.png

  2. What are the best practices for using this in multiple instances and how are others using this? We would like to track the scans and findings in Production but our development process would need these to be run in Dev before moving the update sets to another instance to mitigate the scan findings. The scan findings in Dev would eventually be scrapped off after periodic clone from prod. Do you suggest we run the scan again in Production before committing update sets?

Thanks,

Akshatha

0 Helpfuls
  • 3,404 Views
8 REPLIES 8

Appanna M
Tera Guru

‎04-24-2024 11:38 AM

Hello @akbalFTV,

 

Just to add few more points here like you have to run a scan at development level and check if there are any recommendations/risk that you have to take care, if so go and incorporate the changes at development level and run the scan again. Next time you make sure that you will not get any recommendations. Then you simply follow the process of moving updates between instances. 

 

Please Mark My Answer as Helpful and Accept as Solution, if you find this article helpful or resolves your issue.

0 Helpfuls

Mark Roethof
Tera Patron
Tera Patron

‎04-24-2024 12:46 PM

Hi there,

 

Did you also create any scan checks yourself?

 

Asking because simply performing run update set scan or the batch scan with only the out-of-the-box checks: useless. The out-of-the-box checks are not targeted to development. So your scanning things that hardly matter regarding your development.

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls

Idea Igniter
ServiceNow Employee
ServiceNow Employee

‎08-19-2024 12:46 PM

Hi @akbalFTV Akshatha, it's not recommended to run an update set scan in your production instance. Running an update set scan in a production instance can be risky, as it might lead to unintended consequences that could impact your live environment. Executing the scan in a development instance allows you to identify and fix potential issues before the update set is promoted to higher instances like QA or production. This proactive approach helps ensure that only well-vetted changes make it to production, reducing the likelihood of disruptions. The suggested approach is to resolve the findings beforehand and rescan to see the result.

0 Helpfuls

Mark Roethof
Tera Patron
Tera Patron
In response to Idea Igniter

‎08-19-2024 08:34 PM

@Idea Igniter Is your response specifically targeted on scanning Update Sets or instance scan in general? And that running instance scan in production is not recommended?

 

Please clarify.

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls